HashiCorp Developer AI Private beta now available Sign up today
Waypoint
Waypoint Home

Deploy an Application to Nomad

Warning

This content is part of the legacy version of Waypoint that is no longer actively maintained. For additional information on the new vision of Waypoint, check out this blog post and the HCP Waypoint documentation.

In this tutorial, you will learn how Waypoint works by deploying and running an application on a Nomad cluster that is running on cloud infrastructure.

If you want to try Waypoint on a Nomad cluster running locally, complete the get started with Nomad locally tutorials.

Prerequisites

For this tutorial, you will need:

You will create a Nomad cluster in this tutorial and depending on where you want to run it, you'll also need:

Create a Nomad environment

Waypoint supports Nomad both as a location for running the Waypoint server and as a target for application deployments.

Waypoint installation on Nomad supports persistent data storage with host or CSI volumes. In this tutorial, you use host volumes for persistent storage, and will set up one for both the server and client runner. While it is possible to have the server and runner share the same Nomad volume, we recommend having separate host volumes.

Set up DockerHub configuration

When running Waypoint on non-local infrastructure, an external image repository is necessary for storing and retrieving built images. In this tutorial, you will use DockerHub as an external image repository but other ones work as long as you properly configure authentication through the auth configuration of the registry block in the Docker plugin.

To access DockerHub for pushing and pulling images, Waypoint requires authentication credentials. It supports credential definitions in the waypoint.hcl file and "out of band" authentication by reading configurations set locally by a docker login either through the Docker CLI or Docker Desktop. In this tutorial, you will be providing DockerHub token credentials through environment variables.

Navigate to DockerHub, log in, and create an access token by visiting the security settings page and clicking the New Access Token button. Give the token a description, select the Read, Write, Delete permission option from the dropdown, and click the Generate button.

Create an access token on DockerHub

Copy the token value and export it as an environment variable.

$ export REGISTRY_PASSWORD=<YOUR_TOKEN>

Then, export your DockerHub username.

$ export REGISTRY_USERNAME=<YOUR_USERNAME>

Clone the example repository

The example repository contains application code and Waypoint configuration files for building, deploying, and releasing the application with Waypoint.

Clone the example repository.

$ git clone https://github.com/hashicorp-education/learn-waypoint-get-started.git

Navigate to the nomad-cloud directory.

$ cd nomad-cloud

Review the Nomad client configuration

Host volumes are configured in the Nomad client HCL file with the host_volume block. Waypoint uses these host volumes to write the data it needs for the server and client runner.

Review the host_volume blocks of the Nomad client configuration.

nomad-cloud/shared/config/nomad_client.hcl
# ...

client {
  # ...
  host_volume "wp-server-vol" {
    path = "/nomad/host-volumes/wp-server"
    read_only = false
  }
  host_volume "wp-runner-vol" {
    path = "/nomad/host-volumes/wp-runner"
    read_only = false
  }
}

Update the Terraform configurations

Choose the cloud provider below that you want to use.

Note

Make sure that you have your AWS access credentials set as environment variables.

Navigate to the aws folder.

$ cd aws

Rename the example variables file to terraform.tfvars.

$ mv terraform.tfvars.example terraform.tfvars

Update the region variable in terraform.tfvars with your AWS region preference. Save the file.

aws/terraform.tfvars
region      = "us-east-2"

Deploy the Nomad cluster

Initialize Terraform to download required plugins and set up the workspace.

$ terraform init

Provision the resources. Respond yes to the prompt to confirm the operation. The provisioning takes a couple of minutes.

$ terraform apply

# ...

Apply complete!

Outputs:

IP_Addresses = <<EOT

It will take a little bit for setup to complete and the UI to become available.
Once it is, you can access the Nomad UI at:

http://3.14.8.189:4646/ui

Set the Nomad address, run the bootstrap, export the management token, set the token variable, and test connectivity:

export NOMAD_ADDR=http://3.14.8.189:4646 && \
nomad acl bootstrap | grep -i secret | awk -F "=" '{print $2}' | xargs > nomad-management.token && \
export NOMAD_TOKEN=$(cat nomad-management.token) && \
nomad server members

Copy the token value and use it to log in to the UI:

cat nomad-management.token

Verify cluster availability

Once the provisioning is complete, the Nomad web UI will become available in another couple of minutes. You can get the URL in your terminal with the Terraform output variable nomad_ip.

$ echo $(terraform output -raw nomad_ip)
http://3.14.8.189:4646/ui

Open the web UI. You may see an error from your browser letting you know that the site cannot be reached or a No cluster leader error message from the Nomad UI after refreshing the page. These are both normal during the setup and mean the cluster is not yet ready. Wait a few minutes and refresh your browser again to see the Nomad UI.

The Nomad UI will show a Not Authorized message once cluster setup is complete. This means the ACL system has not been set up yet. You will bootstrap it in the next section.

A screenshot of the Nomad UI displaying the not authorized message on first load

Set up Nomad

Once the cluster is ready and the web UI is available, you can bootstrap the ACL system.

Export the cluster address as the NOMAD_ADDR environment variable.

$ export NOMAD_ADDR=$(terraform output -raw nomad_ip)

Bootstrap the ACLs and save the management token to a file.

$ nomad acl bootstrap | \
    grep -i secret | \
    awk -F "=" '{print $2}' | \
    xargs > nomad-management.token

Export the token as the NOMAD_TOKEN environment variable. Your CLI is now set up to interact with the cluster.

$ export NOMAD_TOKEN=$(cat nomad-management.token)

Authenticate with the web UI.

$ nomad ui -authenticate
Opening URL "http://3.14.8.189:4646/ui" with one-time token

Inspect the host volumes

The host volumes for the Waypoint runner and server can be seen in the Nomad UI when inspecting the client. Open the Nomad UI, click on the Clients link from the left navigation, click on the client from the client list, and scroll down to the Host Volumes section.

Note that there are two host volumes in the list, one for the Waypoint runner with the name wp-runner-vol and one for the Waypoint server with the name wp-server-vol.

Nomad UI showing the host volumes of a client

Set up Waypoint

HCP Waypoint is a HashiCorp-managed service that helps you to manage your application lifecycle without maintaining a Waypoint server and associated infrastructure. It allows to you automate and simplify the process of deploying your web applications into your infrastructure.

Waypoint runs as a server and a client, whether run on HCP Waypoint or locally. For this tutorial, you can choose to use HCP Waypoint for the server and your Nomad cluster for the client or run Waypoint entirely on the cluster.

Both methods create a Waypoint context that contains information about the server and authentication for connecting to it from the Waypoint CLI. This is how the CLI knows the address of the server when you run other Waypoint commands.

Set up an HCP organization and project

Sign in to your HCP account and create an HCP organization by following the steps in the Create an organization page. Then, create an HCP project by following the steps in the Create a project page.

Enable HCP Waypoint

Click on the Waypoint option from the left navigation.

HCP UI with the Waypoint option highlighted

Then, click on the Activate Waypoint button in the top right of the page.

HCP Waypoint UI with the Activate Waypoint button highlighted

A dialog appears to confirm that Waypoint has been activated.

HCP Waypoint UI a dialog showing that Waypoint has been activated

Set up HCP Waypoint context

Click the Manage button on the top right of the page, click on the clipboard icon to copy the waypoint context create command, and run it in your terminal. Your Waypoint CLI can now communicate with HCP Waypoint.

HCP Waypoint UI with the Manage button clicked and copy button highlighted

HCP Waypoint works with your local installation of the Waypoint CLI and does not require any additional runners as it uses the one that is part of the CLI. Installing and connecting a static runner to HCP Waypoint allows you to automate your workflow with GitOps and use dynamic configuration sourcing without requiring interaction with your CLI.

This tutorial uses only the CLI runner and does not include runner installation. You can read more about the runner installation process on the runner install page.

Initialize Waypoint for the application

You must initialize and configure Waypoint for your application before beginning the build, deploy, and release workflow.

During the initialization process, Waypoint searches for a waypoint.hcl configuration file for the application in the current directory. This configuration file gives Waypoint instructions for how to build, deploy, and release your application. If Waypoint cannot find the configuration file when you run waypoint init, it will create a waypoint.hcl file that you can customize for your application.

Review the waypoint.hcl file

Change to the example-app directory.

$ cd ../example-app

Open the waypoint.hcl file.

nomad-cloud/example-app/waypoint.hcl
variable "registry_username" {
  type = string
  default = ""
  env = ["REGISTRY_USERNAME"]
}

variable "registry_password" {
  type = string
  sensitive = true
  default = ""
  env = ["REGISTRY_PASSWORD"]
}

project = "nomad-nodejs"

app "nomad-nodejs-web" {
  build {
    use "pack" {}
    registry {
      use "docker" {
        image = "${var.registry_username}/nomad-nodejs-web"
        tag   = "1"
        local = false
        auth {
          username = var.registry_username
          password = var.registry_password
        }
      }
    }
  }

  deploy {
    use "nomad" {
      datacenter = "dc1"
      namespace  = "default"
      service_provider = "nomad"
    }
  }
}

The variable blocks define the Docker registry username and password environment variables set earlier.

The app block defines the name of the application in Waypoint and contains the build, deploy, and release configuration blocks.

The use option within the build, deploy, and release blocks specifies which plugin to use during those specific phases of the workflow.

The build block defines how Waypoint will build the application and produce an artifact.

  • Since the use "pack" option in this example is empty, Waypoint uses the default configuration for the Cloud Native Buildpacks plugin, which selects the most relevant pack to build the application.
  • The registry option specifies image registry information. In this example, the image contains the username for DockerHub and an auth block with credentials for pushing to that registry. The image attribute must include the fully qualified name unless you are using DockerHub.

The deploy block defines how Waypoint will deploy the application.

Waypoint URL service

The Waypoint URL service is a service hosted by HashiCorp that generates publically accessible URLs for your applications on Waypoint. The URLs are connected to your application and their deployment locations so the URLs will only resolve when the deployment is running.

These preview URLs are optional and can be disabled in the Waypoint server configuration when running a server manually with waypoint server run. You can also disable preview URLs on a per-app basis with the url block if the service is enabled on the server.

Disable the URL service for a specific app
project = "example-project"

app "example-application" {
  url {
    auto_hostname = false
  }
  
  # ...
}

Initialize Waypoint

Initialize Waypoint for the example application.

$ waypoint init
✓ Configuration file appears valid
✓ Connection to Waypoint server was successful
✓ Project "nomad-nodejs" and all apps are registered with the server.
✓ Project "nomad-nodejs" pipelines are registered with the server.

Project initialized!

You may now call 'waypoint up' to deploy your project or
commands such as 'waypoint build' to perform steps individually.

Build and deploy

With the initialization complete, use the waypoint up command to instruct Waypoint to build, deploy, and release your application.

Run waypoint up

Waypoint uses Cloud Native Buildpacks to automatically detect the type of application and uses the applicable buildpack to create the build artifact.

Once Waypoint completes the build, it stores the artifacts in a registry. The registry block contains the configuration for where Waypoint should store those artifacts. By default, Waypoint stores Docker artifacts locally with Docker Desktop unless the registry block contains additional configuration.

Start the Waypoint workflow.

$ waypoint up

Waypoint will start the process and output the following.

» Building nomad-nodejs-web...
â ™ Running build v1

» Performing operation locally
Creating new buildpack-based image using builder: heroku/buildpacks:20
✓ Creating pack client
✓ Building image
 │ [exporter] Adding layer 'buildpacksio/lifecycle:process-types'
 │ [exporter] Adding label 'io.buildpacks.lifecycle.metadata'
 │ [exporter] Adding label 'io.buildpacks.build.metadata'
 │ [exporter] Adding label 'io.buildpacks.project.metadata'
 │ [exporter] Setting default process type 'web'
 │ [exporter] Saving nomad-nodejs-web...
 │ [exporter] *** Images (482b7fc8b561):
 │ [exporter]       nomad-nodejs-web
 │ [exporter] Adding cache layer 'heroku/nodejs-engine:dist'
 │ [exporter] Reusing cache layer 'heroku/nodejs-npm:toolbox'
✓ Injecting entrypoint binary to image

Generated new Docker image: nomad-nodejs-web:latest
✓ Running push build v1
✓ Tagging Docker image: nomad-nodejs-web:latest => nomad-nodejs-web:1
✓ Docker image pushed: nomad-nodejs-web:1

» Deploying nomad-nodejs-web...
✓ Running deploy v1
✓ Job registration successful
✓ Allocation "02157784-81fe-b488-d36d-5f8a7ea22e8c" created: node "feb6cf8a-e396-e006-6bab-02827001cb8c", group
"nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7"
✓ Evaluation status changed: "pending" -> "complete"
✓ Evaluation "83f2b372-3bf2-994f-a205-3d198de0debd" finished with status "complete"
✓ Deployment successfully rolled out!
✓ Finished building report for Nomad platform
✓ Job "nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7" is reporting ready!

✓ Finished building report for Nomad platform
✓ Job "nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7" is reporting ready!

» Releasing nomad-nodejs-web...
✓ Running release v1
No release phase specified, skipping...

» Variables used:
  VARIABLE | VALUE | TYPE | SOURCE  
-----------+-------+------+---------


The deploy was successful!

The release did not provide a URL and the URL service is disabled on the
server, so no further URL information can be automatically provided. If
this is unexpected, please ensure the Waypoint server has both the URL service
enabled and advertise addresses set.

Waypoint shows the progress of the build, deploy, and release steps in the output but does not contain deployment URLs as the URL service is disabled when using HCP Waypoint.

View the application's URL by first finding the full ID of the most recent job starting with the prefix nomad-nodejs. In this example, the most recent job is nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7. 

$ nomad job status nomad-nodejs
ID                                           Type     Priority  Status   Submit Date
nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7  service  10        running  2023-03-30T15:01:47-04:00

Copy the job ID and paste it into the second line of the following command. The command gets the status for the job, searches for its allocations, extracts the allocation that has a status of running, and passes the allocation's ID to the nomad alloc status command to get the status of the allocation. It then searches for the allocation with the waypoint label, and prints out the formatted address.

Open the URL from the output in your browser.

$ nomad alloc status \
  $(nomad job status nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7 | \
  grep -i allocation -A 10 | \
  grep -i running | \
  awk '{print $1}') | 
  grep -i waypoint | awk '{print "http://"$3}' 

http://192.168.50.210:22605

The example application showing deployment text

Update and redeploy the app

One of the most powerful parts of Waypoint is that it allows you to quickly iterate on and redeploy changes to your application.

Open index.ejs in your text editor and update the deployment message in the <h1> tag. Save the file.

nomad-cloud/example-app/views/pages/index.ejs
<section class="content">
  <div class="language-icon">
    <img src="/language.svg" alt="Node.js Icon" />
  </div>
  <h1>This Node.js app was updated and redeployed with Waypoint!</h1>
  <p>
    Try making a change to this text locally and run <code>waypoint up</code> again to see it.
  </p>
  <p>
    Read the <a href="https://waypointproject.io/docs">documentation</a> for more about Waypoint.
  </p>
</section>

Navigate back to your terminal and restart the workflow.

$ waypoint up

Waypoint will start the process and output the following.

» Building nomad-nodejs-web...
â ™ Running build v2

» Performing operation locally
Creating new buildpack-based image using builder: heroku/buildpacks:20
✓ Creating pack client
✓ Building image

# ...

Generated new Docker image: nomad-nodejs-web:latest
✓ Running push build v2
✓ Tagging Docker image: nomad-nodejs-web:latest => nomad-nodejs-web:1
✓ Docker image pushed: nomad-nodejs-web:1

» Deploying nomad-nodejs-web...
✓ Running deploy v2
✓ Job registration successful
✓ Allocation "04518bc2-c940-c101-30e3-10e03149cf45" created: node "feb6cf8a-e396-e006-6bab-02827001cb8c", group
"nomad-nodejs-web-01gwt040bta2j0364q8xhzrgxs"
✓ Evaluation status changed: "pending" -> "complete"
✓ Evaluation "cf7d7314-ee6b-6598-7879-31d5f61dc31d" finished with status "complete"
✓ Deployment successfully rolled out!
✓ Finished building report for Nomad platform
✓ Job "nomad-nodejs-web-01gwt040bta2j0364q8xhzrgxs" is reporting ready!

» Releasing nomad-nodejs-web...
✓ Running release v2
No release phase specified, skipping...

# ...

The deploy was successful!

# ...

Find the full ID of the most recent job starting with the prefix nomad-nodejs. In this example, the most recent job is nomad-nodejs-web-01gwt040bta2j0364q8xhzrgxs. 

$ nomad job status nomad-nodejs
Prefix "nomad-nodejs" matched multiple jobs

ID                                           Type     Priority  Status   Submit Date
nomad-nodejs-web-01gwsybfftps09nm9gd20vtzj7  service  10        running  2023-03-30T15:01:47-04:00
nomad-nodejs-web-01gwt040bta2j0364q8xhzrgxs  service  10        running  2023-03-30T15:32:39-04:00

Get the URL by using the job ID in the second line of the following command. Open the URL from the output in your browser.

$ nomad alloc status \
  $(nomad job status nomad-nodejs-web-01gwt040bta2j0364q8xhzrgxs | \
  grep -i allocation -A 10 | \
  grep -i running | \
  awk '{print $1}') | 
  grep -i waypoint | awk '{print "http://"$3}' 

http://192.168.50.210:20789

The updated example application with new text

Next steps

In this tutorial, you learned about Waypoint and the application workflow, set up a Waypoint server and client on Nomad, and built, deployed, updated, and redeployed an application.

Learn how to deploy applications to other platforms with Waypoint by checking out the Docker and Kubernetes tutorials.

Continue on to the next tutorial by clicking on the Next button below. You will learn how to interact with a running application container and browse the Waypoint web UI.

Be sure to follow the steps in the Destroy the Deployment tutorial to uninstall the Waypoint components and clean up your Nomad cluster.

Edit this page on GitHub